Andrej Butok

Results 56 comments of Andrej Butok

>These design limits have been disturbing other platforms as well (e.g. ST devices with large erase-block-size). We are able to fix these limits, just do not block the progress.

> > > These design limits have been disturbing other platforms as well (e.g. ST devices with large erase-block-size). > > > > > > We are able to fix...

To clarify. Will these sha be generated and preinstalled by imagetool, or during run-time?

> which then adds security issues because downgrades are implicitly allowed and an attacker can therefore boot from a possibly vulnerable device But MCUBoot has a recovery, with the same...

> > > which then adds security issues because downgrades are implicitly allowed and an attacker can therefore boot from a possibly vulnerable device > > > > > >...

> > > > > which then adds security issues because downgrades are implicitly allowed and an attacker can therefore boot from a possibly vulnerable device > > > >...

> > > > > > > which then adds security issues because downgrades are implicitly allowed and an attacker can therefore boot from a possibly vulnerable device > >...

> The problem is that we need some initial bootloader that is immutable. Because of this, we want it to have as little functionality as possible. It is not, and...

> what the goal of it is and what features it needs to support. Many people use MCUboot and do their own thing with it, the concept introduced here is...

> Multiple boot sources are not and should not be supported (in tree) If multiple-boot is configurable, it should be posible. For example, the NXP ROM Secure Bootloaders have this...